I just got this email purporting to be from PayPal. I don’t believe the email.
Dear valued PayPal member: It has come to our attention that your PayPal account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service. However, failure to update your records will result in account suspension. Please update your records on or before July 06, 2007. Once you have updated your account records, your PayPal session will not be interrupted and will continue as normal. To update your PayPal records click on the following link: http://126.96.36.199/updateusersonlinesecurity.html Thank You. PayPal UPDATE TEAM
What makes me think it is a fake? The URL does not contain PayPal’s domain name. It is a simple IP address.
So, who owns the IP Address?
OrgName: Road Runner HoldCo LLC OrgID: RRSW Address: 13241 Woodland Park Road City: HerndonState Prov: VA PostalCode: 20171 Country: US
And what about the real PayPal. Their IP Address is 188.8.131.52.
Also, the email didn’t have my address in the “TO” box (So I’m guessing all the recipients were BCC’d into the list) and the reply address is firstname.lastname@example.org.
I have sent an appropriate email to Road Runner letting them know that someone is using their servers to host phishing sites. Hopefully it can be taken down promptly to prevent any less savvy people falling victim to this really quite amaturish attempt at a phishing scam.